SG2100 wan speed
-
Hello,
I get provided 300/100 (guaranteed) from my provider. I can only use 200/100 in my Lan with different Speedtests on my clients. On the netgate sg2100 itself I get 230/100 when speedtesting via cli. Can it be that sg2100 cannot handle the full speed?
Using suricata as well... -
@hebein I have a 2100 at home and get ~475 down. IIRC it should max out somewhere around 600-700ish? Suricata can affect throughput. Check the CPU usage during your test, using top or System/Activity. If it's not maxing out then that's not the limit.
Disable Suricata temporarily to see if that helps. If it makes that much of a difference you might revisit what rules you had. I used to run Snort on mine without a speed drop, but it was around 300 limited by our ISP at the time. I removed Snort because given our setup it was blocking almost nothing...mostly HTTPS and no inbound at home.
-
Yeah, I would expect it to pass 300Mbps easily unless it's being loaded up by something else.
Check the output of
top -HaSPat the command line whilst testing the throughput. See how the cores are loaded.Steve
-
-
@jonathanlee said in SG2100 wan speed:
It should handle this
Mmmm... it's not going to do 964 Mbps from the Internet. Some of the tests are run without NAT, without firewall, etc. At some point Netgate used to have the test info, and it may still be somewhere but I don't know it offhand.
Usually I estimate about halfway between the "firewall" speeds on the product page:
IPERF3 Traffic: 964 Mbps IMIX Traffic: 249 MbpsI haven't maxed out a 2100 yet. I just did a rather unscientific test using a speed test from my eero (bridged through pfSense; my PC isn't wired) that got around 65-70% CPU usage at 430 Mbps down mid-day. That's without Suricata/Snort.
We had a client with an older 2440 model I think it was that hit 95-100% CPU usage, with Suricata enabled, around 350 Mbps as I recall.
